Lucene search

K

Veracode Vulnerability DatabaseVERACODE:43640

HistoryOct 09, 2023 - 3:52 p.m.

Denial Of Service (DoS)

2023-10-0915:52:07

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

12

mutt

vulnerability

crash

email

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

27.5%

mutt is vulnerable to Denial of Service (DoS). This vulnerability allows an attacker to send a specially crafted email that causes the email client to crash when reading or processing the email due to a Null pointer dereference.

References

www.openwall.com/lists/oss-security/2023/09/26/6

gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch

gitlab.com/muttmua/mutt/-/commit/a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch

lists.debian.org/debian-lts-announce/2023/09/msg00021.html

security-tracker.debian.org/tracker/CVE-2023-4874

www.debian.org/security/2023/dsa-5494

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

27.5%

Related for VERACODE:43640

nessus20 cbl_mariner1 redhatcve1 cve1 osv9 cvelist1 debiancve1 nvd1 vulnrichment1 ubuntucve1 prion1 amazon2 openvas13 mageia1 redhat2 ubuntu2 debian2 almalinux2 oraclelinux2 redos1 rocky1